﻿using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Filters;

namespace B.S.BasicData.Api.Read.Filters
{
    /// <summary>
    /// 自定义授权过滤器
    /// </summary>
    public class MyAuthorize :Attribute, IAuthorizationFilter
    {
        /// <summary>
        /// 授权过滤器
        /// </summary>
        /// <param name="context"></param>
        public void OnAuthorization(AuthorizationFilterContext context)
        {
            var claims = context.HttpContext.User.Claims;
            var expires =long.Parse(claims.Where(x=>x.Type== "exp").FirstOrDefault()?.Value ??"0");//过期时间

            var role = claims.Where(x => x.Type == "roleName").FirstOrDefault()?.Value??"无角色";

            if (role == "无角色") { 
            //需要处理,,你就处理一下.

            }
            var now = DateTimeOffset.UtcNow.ToUnixTimeSeconds();//当前时间

            if (expires < now) {//如果过期时间比当前时间小,说明访问token过期
                context.Result = new UnauthorizedObjectResult("访问token过期");
            }          
             
        }
    }
}
